[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

PH12020550006A1 - Key attestation statement generation providing device anonymity - Google Patents

Key attestation statement generation providing device anonymity

Info

Publication number
PH12020550006A1
PH12020550006A1 PH12020550006A PH12020550006A PH12020550006A1 PH 12020550006 A1 PH12020550006 A1 PH 12020550006A1 PH 12020550006 A PH12020550006 A PH 12020550006A PH 12020550006 A PH12020550006 A PH 12020550006A PH 12020550006 A1 PH12020550006 A1 PH 12020550006A1
Authority
PH
Philippines
Prior art keywords
attestation
public
private key
certificate
providing device
Prior art date
Application number
PH12020550006A
Inventor
Saurav Sinha
Victor Warren Heller
Original Assignee
Microsoft Technology Licensing Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing Llc filed Critical Microsoft Technology Licensing Llc
Publication of PH12020550006A1 publication Critical patent/PH12020550006A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/42Anonymization, e.g. involving pseudonyms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Medicines Containing Antibodies Or Antigens For Use As Internal Diagnostic Agents (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A computing device sends a request for an attestation certificate to an attestation service along with information regarding the hardware and/or software of the device. The attestation service processes the request and verifies the information received from the device. After verifying the information, the attestation service selects a public/private key pair from a collection of reusable public/private key pairs and generates an attestation certificate for the device and public key of the public/private key pair. This attestation certificate is digitally signed by the attestation service and returned to the device. The private key of the selected public/private key pair is also encrypted to a trusted secure component of the device, ensuring that the key cannot be stolen by malware and re-used on another device, and is returned to the device. The device uses this attestation certificate to access relying parties, and optionally generates additional public/private key pairs and attestation certificates.
PH12020550006A 2017-07-13 2020-01-02 Key attestation statement generation providing device anonymity PH12020550006A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/649,085 US10819696B2 (en) 2017-07-13 2017-07-13 Key attestation statement generation providing device anonymity
PCT/US2018/034795 WO2019013886A1 (en) 2017-07-13 2018-05-28 Key attestation statement generation providing device anonymity

Publications (1)

Publication Number Publication Date
PH12020550006A1 true PH12020550006A1 (en) 2020-10-12

Family

ID=62621070

Family Applications (1)

Application Number Title Priority Date Filing Date
PH12020550006A PH12020550006A1 (en) 2017-07-13 2020-01-02 Key attestation statement generation providing device anonymity

Country Status (17)

Country Link
US (2) US10819696B2 (en)
EP (1) EP3652882A1 (en)
JP (1) JP7077394B2 (en)
KR (1) KR102451109B1 (en)
CN (1) CN110892672B (en)
AU (1) AU2018299716B2 (en)
BR (1) BR112020000220A2 (en)
CA (1) CA3067540A1 (en)
CL (1) CL2020000081A1 (en)
CO (1) CO2020000162A2 (en)
IL (1) IL271812B2 (en)
MX (1) MX2020000328A (en)
PH (1) PH12020550006A1 (en)
RU (1) RU2763516C2 (en)
SG (1) SG11201912738WA (en)
WO (1) WO2019013886A1 (en)
ZA (1) ZA201908494B (en)

Families Citing this family (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11310050B2 (en) 2018-09-17 2022-04-19 Microsoft Technology Licensing, Llc Verifying a computing device after transport
US10423791B2 (en) * 2017-04-27 2019-09-24 Microsoft Technology Licensing, Llc Enabling offline restart of shielded virtual machines using key caching
US10819696B2 (en) * 2017-07-13 2020-10-27 Microsoft Technology Licensing, Llc Key attestation statement generation providing device anonymity
US10447486B2 (en) * 2017-07-19 2019-10-15 Spyrus, Inc. Remote attestation of a security module's assurance level
EP3688948A1 (en) * 2017-09-25 2020-08-05 Telefonaktiebolaget LM Ericsson (PUBL) Provisioning of vendor credentials
GB2578628B (en) * 2018-11-01 2021-09-15 Trustonic Ltd Device attestation techniques
WO2020151831A1 (en) * 2019-01-25 2020-07-30 Huawei Technologies Co., Ltd. Method for end entity attestation
US11374771B2 (en) 2019-03-08 2022-06-28 Ares Technologies, Inc. Methods and systems for implementing mixed protocol certificates
US10742421B1 (en) 2019-03-08 2020-08-11 Ares Technologies, Inc. Methods and systems for anonymous hardware attestation
US10735205B1 (en) 2019-03-08 2020-08-04 Ares Technologies, Inc. Methods and systems for implementing an anonymized attestation chain
US11394565B2 (en) * 2019-06-18 2022-07-19 Intel Corporation Asymmetric device attestation using physically unclonable functions
KR20210017083A (en) * 2019-08-06 2021-02-17 삼성전자주식회사 Electronic device and method for generating attestation certificate based on fused key
US11539678B2 (en) * 2019-08-16 2022-12-27 Red Hat, Inc. Asymmetric key management for cloud computing services
US11265721B1 (en) * 2019-08-20 2022-03-01 Facebook Technologies, Llc Secure device attestation and mutual authentication of artificial reality devices
US11431689B2 (en) * 2020-01-10 2022-08-30 Lennox Industries Inc. Secure payload delivery
WO2022006574A1 (en) * 2020-06-29 2022-01-06 Arm Cloud Technology, Inc. Device attestation
US11595213B2 (en) * 2020-06-29 2023-02-28 Izuma Tech, Inc. Methods and apparatus for performing attestation
CN111953675B (en) * 2020-08-10 2022-10-25 四川阵风科技有限公司 Key management method based on hardware equipment
KR102318947B1 (en) * 2020-08-21 2021-10-27 세종대학교산학협력단 Method for protecting privacy data, computing device and system for executing the method
WO2022115200A2 (en) 2020-10-28 2022-06-02 Ares Technologies, Inc. Systems and methods for a cryptographic agile bootloader for upgradable secure environment
US11665148B2 (en) * 2021-03-22 2023-05-30 Cisco Technology, Inc. Systems and methods for addressing cryptoprocessor hardware scaling limitations
US20220337431A1 (en) * 2021-04-19 2022-10-20 Apple Inc. Privacy proofing of secure element generated certificates
US11750384B2 (en) * 2021-05-27 2023-09-05 Microsoft Technology Licensing, Llc Binding with cryptographic key attestation
US20230388110A1 (en) * 2022-05-31 2023-11-30 Microsoft Technology Licensing, Llc Using attestation client code to attest health of a computing device
US20240007354A1 (en) * 2022-06-30 2024-01-04 Amazon Technologies, Inc. Automatic onboarding of heterogeneous devices onto a client network
CN117056948B (en) * 2023-07-28 2024-09-27 威艾特科技(深圳)有限公司 Receipt credential encryption method and device

Family Cites Families (140)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7165174B1 (en) * 1995-02-13 2007-01-16 Intertrust Technologies Corp. Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management
US7631188B2 (en) * 1997-05-16 2009-12-08 Tvworks, Llc Hierarchical open security information delegation and acquisition
US6233685B1 (en) * 1997-08-29 2001-05-15 Sean William Smith Establishing and employing the provable untampered state of a device
JP2000049766A (en) * 1998-07-27 2000-02-18 Hitachi Ltd Key managing server system
US7194620B1 (en) * 1999-09-24 2007-03-20 Verizon Business Global Llc Method for real-time data authentication
US6996710B1 (en) * 2000-03-31 2006-02-07 Intel Corporation Platform and method for issuing and certifying a hardware-protected attestation key
US20020019938A1 (en) * 2000-08-04 2002-02-14 Aarons Michael Thomas Method and apparatus for secure identification for networked environments
US20020078347A1 (en) * 2000-12-20 2002-06-20 International Business Machines Corporation Method and system for using with confidence certificates issued from certificate authorities
US20020129261A1 (en) * 2001-03-08 2002-09-12 Cromer Daryl Carvis Apparatus and method for encrypting and decrypting data recorded on portable cryptographic tokens
US7925878B2 (en) * 2001-10-03 2011-04-12 Gemalto Sa System and method for creating a trusted network capable of facilitating secure open network transactions using batch credentials
GB2382419B (en) * 2001-11-22 2005-12-14 Hewlett Packard Co Apparatus and method for creating a trusted environment
US6963873B2 (en) * 2002-01-02 2005-11-08 Intel Corporation Method and system for automatic association of a signed certificate with a certificate signing request
CA2901250A1 (en) 2002-07-12 2004-01-22 Apple Inc. Personal authentication software and systems for travel privilege assignation and verification
US7181016B2 (en) * 2003-01-27 2007-02-20 Microsoft Corporation Deriving a symmetric key from an asymmetric key for file encryption or decryption
US20040193917A1 (en) * 2003-03-26 2004-09-30 Drews Paul C Application programming interface to securely manage different execution environments
US7797544B2 (en) * 2003-12-11 2010-09-14 Microsoft Corporation Attesting to establish trust between computer entities
US7263608B2 (en) 2003-12-12 2007-08-28 Lenovo (Singapore) Pte. Ltd. System and method for providing endorsement certificate
US7424610B2 (en) * 2003-12-23 2008-09-09 Intel Corporation Remote provisioning of secure systems for mandatory control
US7350072B2 (en) * 2004-03-30 2008-03-25 Intel Corporation Remote management and provisioning of a system across a network based connection
US20050251857A1 (en) * 2004-05-03 2005-11-10 International Business Machines Corporation Method and device for verifying the security of a computing platform
US20050278253A1 (en) * 2004-06-15 2005-12-15 Microsoft Corporation Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like
US7055742B2 (en) * 2004-06-29 2006-06-06 Microsoft Corporation Method for secure on-line voting
US8356175B2 (en) * 2005-06-29 2013-01-15 Intel Corporation Methods and apparatus to perform associated security protocol extensions
US8417640B2 (en) * 2005-10-31 2013-04-09 Research In Motion Limited Secure license key method and system
US8989390B2 (en) * 2005-12-12 2015-03-24 Qualcomm Incorporated Certify and split system and method for replacing cryptographic keys
US7600123B2 (en) * 2005-12-22 2009-10-06 Microsoft Corporation Certificate registration after issuance for secure communication
US8145917B2 (en) * 2005-12-30 2012-03-27 Nokia Corporation Security bootstrapping for distributed architecture devices
US9135444B2 (en) * 2006-10-19 2015-09-15 Novell, Inc. Trusted platform module (TPM) assisted data center management
US8281389B2 (en) * 2006-12-21 2012-10-02 Seagate Technology Llc System and method for tamper evident certification
US8984280B2 (en) * 2007-02-16 2015-03-17 Tibco Software Inc. Systems and methods for automating certification authority practices
US7975290B2 (en) * 2007-06-07 2011-07-05 Alcatel Lucent Verifying authenticity of instant messaging messages
US7971261B2 (en) * 2007-06-12 2011-06-28 Microsoft Corporation Domain management for digital media
CN100566251C (en) * 2007-08-01 2009-12-02 西安西电捷通无线网络通信有限公司 A kind of trusted network connection method that strengthens fail safe
US20090125996A1 (en) * 2007-09-19 2009-05-14 Interdigital Patent Holdings, Inc. Virtual subscriber identity module
DE102007044905A1 (en) * 2007-09-19 2009-04-09 InterDigital Patent Holdings, Inc., Wilmington Method and device for enabling service usage and determination of subscriber identity in communication networks by means of software-based access authorization cards (vSIM)
US8862874B2 (en) * 2008-05-09 2014-10-14 International Business Machines Corporation Certificate distribution using secure handshake
FR2932229B1 (en) * 2008-06-05 2011-06-24 Renault Sas CONTROL OF THE POWER SUPPLY OF AN IGNITION CANDLE OF AN INTERNAL COMBUSTION ENGINE
US9122895B2 (en) * 2008-06-25 2015-09-01 Microsoft Technology Licensing, Llc Authorization for transient storage devices with multiple authentication silos
WO2010025318A2 (en) * 2008-08-28 2010-03-04 Motorola, Inc. Encrypting a unique cryptographic entity
US8751791B2 (en) * 2008-09-17 2014-06-10 Motorola Solutions, Inc. Method and device for confirming authenticity of a public key infrastructure (PKI) transaction event
US20120137364A1 (en) 2008-10-07 2012-05-31 Mocana Corporation Remote attestation of a mobile device
US9621341B2 (en) * 2008-11-26 2017-04-11 Microsoft Technology Licensing, Llc Anonymous verifiable public key certificates
US8738932B2 (en) * 2009-01-16 2014-05-27 Teleputers, Llc System and method for processor-based security
CN101807998A (en) 2009-02-13 2010-08-18 英飞凌科技股份有限公司 Authentication
US8544092B2 (en) 2009-03-12 2013-09-24 International Business Machines Corporation Integrity verification using a peripheral device
US8509448B2 (en) * 2009-07-29 2013-08-13 Motorola Solutions, Inc. Methods and device for secure transfer of symmetric encryption keys
US9490984B2 (en) * 2009-09-14 2016-11-08 Interdigital Patent Holdings, Inc. Method and apparatus for trusted authentication and logon
CN101699891B (en) * 2009-10-21 2012-07-25 西安西电捷通无线网络通信股份有限公司 Method for key management and node authentication of sensor network
US8700893B2 (en) * 2009-10-28 2014-04-15 Microsoft Corporation Key certification in one round trip
US8327424B2 (en) * 2009-12-22 2012-12-04 Motorola Solutions, Inc. Method and apparatus for selecting a certificate authority
MY151315A (en) 2010-05-07 2014-05-15 Mimos Berhad System and method for issuing endorsement key credential in trusted computing environment using local certificate authority
US8788811B2 (en) 2010-05-28 2014-07-22 Red Hat, Inc. Server-side key generation for non-token clients
US20120174196A1 (en) * 2010-12-30 2012-07-05 Suresh Bhogavilli Active validation for ddos and ssl ddos attacks
US8806196B2 (en) * 2011-11-04 2014-08-12 Motorola Solutions, Inc. Method and apparatus for authenticating a digital certificate status and authorization credentials
US9754253B1 (en) * 2011-11-28 2017-09-05 Amazon Technologies, Inc. Conditioned use of certificates
US9413538B2 (en) * 2011-12-12 2016-08-09 Microsoft Technology Licensing, Llc Cryptographic certification of secure hosted execution environments
US9054871B2 (en) * 2012-02-21 2015-06-09 California Institute Of Technology Physical key-protected one time pad
US8782423B2 (en) 2012-06-19 2014-07-15 Microsoft Corporation Network based management of protected data sets
US20140006776A1 (en) * 2012-06-29 2014-01-02 Mark Scott-Nash Certification of a virtual trusted platform module
US9411962B2 (en) * 2012-07-18 2016-08-09 Sequitur Labs Inc. System and methods for secure utilization of attestation in policy-based decision making for mobile device management and security
US8782401B2 (en) 2012-09-26 2014-07-15 Intel Corporation Enhanced privacy ID based platform attestation
US9374228B2 (en) * 2012-10-12 2016-06-21 International Business Machines Corporation Verifying a geographic location of a virtual disk image executing at a data center server within a data center
US9794602B2 (en) * 2012-10-29 2017-10-17 Echostar Technologies L.L.C. Systems and methods for securely providing streaming media content on-demand
US9935953B1 (en) * 2012-11-06 2018-04-03 Behaviometrics Ab Secure authenticating an user of a device during a session with a connected server
US9077759B2 (en) * 2013-01-18 2015-07-07 Apple Inc. Conflict resolution for keychain syncing
US9594567B2 (en) * 2013-02-21 2017-03-14 Dell Products, Lp Configuring a trusted platform module
US20140259132A1 (en) * 2013-03-06 2014-09-11 Go Daddy Operating Company, LLC System for creating a security certificate
EP2815349B1 (en) * 2013-03-06 2021-04-21 Intel Corporation Roots-of-trust for measurement of virtual machines
US20140281497A1 (en) * 2013-03-13 2014-09-18 General Instrument Corporation Online personalization update system for externally acquired keys
US9219607B2 (en) * 2013-03-14 2015-12-22 Arris Technology, Inc. Provisioning sensitive data into third party
US9332002B1 (en) * 2013-03-14 2016-05-03 Amazon Technologies, Inc. Authenticating and authorizing a user by way of a digital certificate
CA2902285A1 (en) * 2013-03-15 2014-09-18 Ologn Technologies Ag Systems, methods and apparatuses for remote attestation
DE102013205051A1 (en) * 2013-03-21 2014-09-25 Siemens Aktiengesellschaft Updating a digital device certificate of an automation device
JP6079394B2 (en) * 2013-04-11 2017-02-15 富士通株式会社 Certificate generation method, certificate generation apparatus, information processing apparatus, communication device, and program
US9094377B2 (en) * 2013-08-16 2015-07-28 Netflix, Inc. Key generation and broadcasting
US9998438B2 (en) 2013-10-23 2018-06-12 Microsoft Technology Licensing, Llc Verifying the security of a remote server
US9391980B1 (en) 2013-11-11 2016-07-12 Google Inc. Enterprise platform verification
US9647832B2 (en) * 2014-01-13 2017-05-09 Visa International Service Association Efficient methods for protecting identity in authenticated transmissions
US9680872B1 (en) * 2014-03-25 2017-06-13 Amazon Technologies, Inc. Trusted-code generated requests
US9652604B1 (en) * 2014-03-25 2017-05-16 Amazon Technologies, Inc. Authentication objects with delegation
US10049202B1 (en) * 2014-03-25 2018-08-14 Amazon Technologies, Inc. Strong authentication using authentication objects
US10050787B1 (en) * 2014-03-25 2018-08-14 Amazon Technologies, Inc. Authentication objects with attestation
US20160344725A1 (en) * 2014-04-02 2016-11-24 William B. SEVERIN Signal haystacks
EP2937806A1 (en) * 2014-04-22 2015-10-28 ALSTOM Renewable Technologies Method and system for securing electronic data exchange between an industrial programmable device and a portable programmable device
US9652631B2 (en) * 2014-05-05 2017-05-16 Microsoft Technology Licensing, Llc Secure transport of encrypted virtual machines with continuous owner access
US9692599B1 (en) * 2014-09-16 2017-06-27 Google Inc. Security module endorsement
US9716716B2 (en) * 2014-09-17 2017-07-25 Microsoft Technology Licensing, Llc Establishing trust between two devices
US9705879B2 (en) * 2014-09-17 2017-07-11 Microsoft Technology Licensing, Llc Efficient and reliable attestation
US9331989B2 (en) 2014-10-06 2016-05-03 Micron Technology, Inc. Secure shared key sharing systems and methods
US9900295B2 (en) * 2014-11-05 2018-02-20 Microsoft Technology Licensing, Llc Roaming content wipe actions across devices
US10348727B2 (en) * 2015-02-13 2019-07-09 International Business Machines Corporation Automatic key management using enterprise user identity management
US10015173B1 (en) * 2015-03-10 2018-07-03 Symantec Corporation Systems and methods for location-aware access to cloud data stores
CN107533501A (en) 2015-03-20 2018-01-02 里维茨公司 Use block chain automated validation appliance integrality
WO2016168503A1 (en) * 2015-04-15 2016-10-20 Melrok, Llc Secure broadcast systems and methods for internet of things devices
US20160364553A1 (en) * 2015-06-09 2016-12-15 Intel Corporation System, Apparatus And Method For Providing Protected Content In An Internet Of Things (IOT) Network
US10230696B2 (en) * 2015-06-09 2019-03-12 Intel Corporation System, apparatus and method for managing lifecycle of secure publish-subscribe system
CN107683599A (en) * 2015-06-11 2018-02-09 西门子公司 Authorization device and method for the mandate issue of the authentication token of equipment
US10333903B1 (en) * 2015-06-16 2019-06-25 Amazon Technologies, Inc. Provisioning network keys to devices to allow them to provide their identity
US9923721B2 (en) * 2015-06-22 2018-03-20 Intel IP Corporation Key agreement and authentication for wireless communication
CN105141593A (en) 2015-08-10 2015-12-09 刘澄宇 Private cloud platform secure computation method
US10397255B1 (en) * 2015-09-23 2019-08-27 StackRox, Inc. System and method for providing security in a distributed computation system utilizing containers
US20170093586A1 (en) * 2015-09-25 2017-03-30 Qualcomm Incorporated Techniques for managing certificates on a computing device
US9906513B2 (en) * 2015-09-28 2018-02-27 Bank Of America Corporation Network authorization system
US9917687B2 (en) * 2015-10-12 2018-03-13 Microsoft Technology Licensing, Llc Migrating secrets using hardware roots of trust for devices
US9832024B2 (en) * 2015-11-13 2017-11-28 Visa International Service Association Methods and systems for PKI-based authentication
US9740867B2 (en) * 2015-11-16 2017-08-22 Dell Products, L.P. Securely passing user authentication data between a pre-boot authentication environment and an operating system
US10009179B2 (en) * 2015-11-30 2018-06-26 Microsoft Technology Licensing, Llc Trusted platform module (TPM) protected device
US10169591B2 (en) * 2015-12-07 2019-01-01 Amazon Technologies, Inc. Chained security systems
US10536271B1 (en) * 2016-01-10 2020-01-14 Apple Inc. Silicon key attestation
US10341325B2 (en) * 2016-01-29 2019-07-02 Vmware, Inc. System and method for transferring device identifying information
US10169602B2 (en) * 2016-02-22 2019-01-01 Dell Products, L.P. Method for local key management setup and recovery
US10412191B1 (en) * 2016-03-30 2019-09-10 Amazon Technologies, Inc. Hardware validation
US10277407B2 (en) * 2016-04-19 2019-04-30 Microsoft Technology Licensing, Llc Key-attestation-contingent certificate issuance
US11256746B2 (en) * 2016-04-25 2022-02-22 Oracle International Corporation Hash-based efficient secondary indexing for graph data stored in non-relational data stores
GB201607476D0 (en) * 2016-04-29 2016-06-15 Eitc Holdings Ltd Operating system for blockchain IOT devices
US10447467B2 (en) * 2016-05-04 2019-10-15 International Business Machines Corporation Revocable PKI signatures
US9916452B2 (en) * 2016-05-18 2018-03-13 Microsoft Technology Licensing, Llc Self-contained cryptographic boot policy validation
US10115250B2 (en) * 2016-05-23 2018-10-30 Fuji Xerox Co., Ltd. Systems and methods for location enabled electronic lock controls
US10135622B2 (en) * 2016-06-03 2018-11-20 Intel Corporation Flexible provisioning of attestation keys in secure enclaves
US10601787B2 (en) * 2016-06-06 2020-03-24 Cisco Technology, Inc. Root of trust of geolocation
US10708067B2 (en) * 2016-06-18 2020-07-07 Intel Corporation Platform attestation and registration for servers
US20180007037A1 (en) * 2016-07-01 2018-01-04 Kenneth Wade Reese Transaction-specific shared secret in one-time password device
US10135921B2 (en) * 2016-09-20 2018-11-20 Keir Finlow-Bates System and method for announcing cryptographic keys on a blockchain
US10733284B2 (en) * 2016-10-06 2020-08-04 Samsung Electronics Co., Ltd. Trusted execution environment secure element communication
US10498712B2 (en) * 2016-11-10 2019-12-03 Ernest Brickell Balancing public and personal security needs
US10447681B2 (en) * 2016-12-07 2019-10-15 Vmware, Inc. Secure asymmetric key application data sharing
US10574648B2 (en) * 2016-12-22 2020-02-25 Dashlane SAS Methods and systems for user authentication
US10229270B2 (en) * 2016-12-23 2019-03-12 Amazon Technologies, Inc. Host attestation
US20180183578A1 (en) * 2016-12-27 2018-06-28 Intel Corporation Provisioning keys for virtual machine scaling
US20180183586A1 (en) * 2016-12-28 2018-06-28 Intel Corporation Assigning user identity awareness to a cryptographic key
US10530777B2 (en) * 2017-01-24 2020-01-07 Microsoft Technology Licensing, Llc Data unsealing with a sealing enclave
US11036875B2 (en) * 2017-01-24 2021-06-15 Microsoft Technology Licensing, Llc Dependent enclave binaries
US11405177B2 (en) * 2017-01-24 2022-08-02 Microsoft Technology Licensing, Llc Nested enclave identity
US11443033B2 (en) * 2017-01-24 2022-09-13 Microsoft Technology Licensing, Llc Abstract enclave identity
US20180241572A1 (en) * 2017-02-22 2018-08-23 Intel Corporation Techniques for remote sgx enclave authentication
US10341864B2 (en) * 2017-03-03 2019-07-02 Verizon Patent And Licensing Inc. Network-based device registration for content distribution platforms
US20180287920A1 (en) * 2017-03-30 2018-10-04 Ca, Inc. Intercepting application traffic monitor and analyzer
US10397005B2 (en) * 2017-03-31 2019-08-27 Intel Corporation Using a trusted execution environment as a trusted third party providing privacy for attestation
US10440006B2 (en) * 2017-06-21 2019-10-08 Microsoft Technology Licensing, Llc Device with embedded certificate authority
US10819696B2 (en) * 2017-07-13 2020-10-27 Microsoft Technology Licensing, Llc Key attestation statement generation providing device anonymity

Also Published As

Publication number Publication date
CN110892672A (en) 2020-03-17
KR20200027500A (en) 2020-03-12
US20190020647A1 (en) 2019-01-17
NZ759830A (en) 2023-10-27
MX2020000328A (en) 2020-07-13
CO2020000162A2 (en) 2020-01-17
JP7077394B2 (en) 2022-05-30
IL271812B2 (en) 2024-01-01
RU2020106575A (en) 2021-08-13
SG11201912738WA (en) 2020-01-30
JP2020527305A (en) 2020-09-03
EP3652882A1 (en) 2020-05-20
US20200396217A1 (en) 2020-12-17
AU2018299716B2 (en) 2023-09-21
ZA201908494B (en) 2021-03-31
US11750591B2 (en) 2023-09-05
WO2019013886A1 (en) 2019-01-17
KR102451109B1 (en) 2022-10-07
US10819696B2 (en) 2020-10-27
IL271812A (en) 2020-02-27
RU2763516C2 (en) 2021-12-30
AU2018299716A1 (en) 2020-01-02
CA3067540A1 (en) 2019-01-17
RU2020106575A3 (en) 2021-08-13
IL271812B1 (en) 2023-09-01
CL2020000081A1 (en) 2020-07-31
CN110892672B (en) 2023-10-20
BR112020000220A2 (en) 2020-07-07

Similar Documents

Publication Publication Date Title
PH12020550006A1 (en) Key attestation statement generation providing device anonymity
WO2015134760A3 (en) Secure hardware for cross-device trusted applications
TW201612787A (en) Network authentication method for secure electronic transactions
SG10201901366WA (en) Key exchange through partially trusted third party
GB2573666A (en) Verifying authenticity of computer readable information using the blockchain
RU2018103181A (en) CONFIDENTIAL AUTHENTICATION AND SECURITY
WO2016057086A3 (en) Common modulus rsa key pairs for signature generation and encryption/decryption
MX2021002895A (en) Authentication of internet of things devices, including electronic locks.
MY181840A (en) Devices and methods for client device authentication
AU2018256568A1 (en) Systems and methods for software based encryption
GB2572088A8 (en) Controlling access to a locked space using cryptographic keys stored on a blockchain
BR112017003018A2 (en) secure provision of an authentication credential
GB2566874A (en) Method for obtaining vetted certificates by microservices in elastic cloud environments
MX2017003533A (en) Establishing trust between two devices.
MX2019008945A (en) Origin certificate based online certificate issuance.
WO2011056321A3 (en) Key certification in one round trip
MX2016014461A (en) Provisioning drm credentials on a client device using an update server.
RU2017106105A (en) METHODS FOR SAFE Cryptogram Generation
JP2017530586A5 (en)
RU2016104645A (en) METHOD OF AUTHORIZATION OF THE OPERATION INTENDED FOR PERFORMANCE ON THE TASKED COMPUTER DEVICE
EA201790385A1 (en) METHOD OF DIGITAL SIGNATURE OF ELECTRONIC FILE AND METHOD OF AUTHENTICATION
JP2017513265A5 (en)
GB201221433D0 (en) A method and system of providing authentication of user access to a computer resource on a mobile device
JP2016510564A5 (en)
IN2014MU00771A (en)